Articles tagged "Critical"

Found 915 articles

Fortinet has addressed a severe vulnerability in its FortiSIEM product that could allow attackers to execute arbitrary code without authentication. This flaw, known as CVE-2025-64155, has a CVSS score of 9.4, highlighting its potential impact on affected systems. The vulnerability arises from improper handling of special elements in OS commands, which could be exploited by malicious actors. Organizations using FortiSIEM should prioritize applying the latest updates to protect their systems. The existence of such vulnerabilities emphasizes the need for ongoing vigilance in maintaining security protocols and software updates.

Read Original

Node.js has issued urgent updates to address a serious vulnerability that affects nearly all production applications using the platform. The flaw, related to the async_hooks module, can lead to a stack overflow, resulting in a denial-of-service (DoS) condition. This means that if attackers exploit this vulnerability, they could crash servers running affected applications, disrupting services. Developers and companies using Node.js should prioritize applying these patches to maintain service availability and prevent potential outages. The vulnerability is especially concerning because it touches on core functionality that many frameworks rely on for stability.

Read Original
Actively Exploited

In 2025, Taiwan experienced a significant increase in cyberattacks from China, with incidents targeting critical infrastructure such as energy utilities and hospitals rising by 6%. On average, Taiwan faced approximately 2.63 million cyberattacks each day. This uptick in activity poses serious risks to the nation's essential services and public safety. The ongoing assaults highlight the tense geopolitical climate and the vulnerabilities of Taiwan's digital infrastructure. As these attacks escalate, it becomes crucial for Taiwan to enhance its cybersecurity measures to protect against such threats.

Read Original

AZ Monica hospital in Belgium has been hit by a cyberattack that led to the shutdown of all its servers. The attack forced the cancellation of scheduled medical procedures and required the transfer of critical patients to other facilities. The incident has raised concerns about the security of healthcare systems, especially as hospitals are increasingly targeted by cybercriminals. AZ Monica operates two campuses in Antwerp and Deurne, and the disruption could have significant implications for patient care and hospital operations. Authorities are investigating the attack to understand its impact and prevent future incidents.

Read Original

A serious vulnerability has been identified in multiple versions of the Apache Struts 2 framework, tracked as CVE-2025-68493. This XML external entity injection flaw could allow attackers to gain unauthorized access to sensitive data, cause denial-of-service attacks, or execute server-side request forgery (SSRF) attacks. Organizations using affected versions of Apache Struts 2 are at risk, which could lead to significant data breaches and disruptions. The issue emphasizes the need for developers and system administrators to ensure their applications are updated and secure against such vulnerabilities. Immediate action is necessary to mitigate potential exploitation.

Read Original
Actively Exploited

AZ Monica, a hospital in Belgium, has had to shut down all its servers following a cyberattack that forced the cancellation of scheduled procedures and the transfer of critical patients. The incident raises serious concerns about the impact of cyber threats on healthcare facilities, which are often vulnerable targets. Hospitals rely heavily on their IT systems for patient care, and disruptions can lead to significant risks for patient safety and treatment continuity. This attack not only affects the immediate operations of AZ Monica but also serves as a reminder of the growing threats facing healthcare institutions worldwide. The situation is still developing as the hospital works to assess the damage and restore its systems.

Read Original

ServiceNow has addressed a significant flaw in its AI platform that could allow attackers to impersonate users. The company claims there is no evidence that this vulnerability was exploited before the patch was released in October. However, security researchers warn that the configuration of AI agents could still lead to prompt-injection style abuses, which could potentially compromise user accounts. This situation raises concerns about the security of AI systems and the risks they pose if not properly configured. Organizations using ServiceNow's AI features should ensure they implement the latest updates to mitigate any potential risks.

Read Original

A Dutch appeals court has sentenced a 44-year-old hacker to seven years in prison for his role in hacking port systems to facilitate the smuggling of cocaine through European logistics hubs. The hacker exploited vulnerabilities in port networks to help traffickers move drugs into the Netherlands, highlighting a significant intersection of cybersecurity and organized crime. This case underscores the potential dangers of cyber intrusions in critical infrastructure, as they can be manipulated for illegal activities. The ruling reflects growing legal actions against cybercriminals and aims to deter similar offenses in the future. The incident raises awareness about the importance of securing logistical and transportation networks against cyber threats, which can have far-reaching implications beyond just financial losses.

Read Original

Experts are warning that power outages in IT and operational technology (OT) systems could lead to significant cybersecurity issues by 2026. These power gaps may turn minor outages into major crises, affecting the reliability and security of critical infrastructure. Companies that rely heavily on interconnected IT and OT systems should be particularly concerned, as the potential for cyberattacks increases during power failures. If attackers take advantage of these vulnerabilities, they could disrupt services, compromise data, or even cause physical damage. This situation highlights the need for organizations to bolster their cybersecurity measures and prepare for the challenges posed by electrical failures.

Read Original

A 44-year-old man has been sentenced to prison for installing remote access malware on the systems of a logistics company in the Netherlands. He was able to carry out this cyberattack with assistance from some employees of the firm. The malware allowed him to gain unauthorized access to sensitive information, raising serious concerns about insider threats and the security of critical infrastructure. This incident serves as a reminder for companies to strengthen their cybersecurity measures and ensure that employees are aware of the risks associated with insider collaboration. The case highlights the increasing need for vigilance in protecting sensitive systems from both external and internal threats.

Read Original

ServiceNow has reported a serious security vulnerability in its AI Platform that could allow an unauthenticated user to impersonate another user and take actions on their behalf. This flaw, identified as CVE-2025-12420, has a high severity rating of 9.3 out of 10, indicating a significant risk to users. The potential for impersonation means that attackers could exploit this weakness to gain unauthorized access to sensitive information or perform harmful actions. Organizations using ServiceNow's AI Platform should prioritize applying the patch to mitigate this risk and protect their users. The quick response from ServiceNow in addressing this vulnerability is crucial to maintaining trust in their services.

Read Original

A 44-year-old Dutch man has been sentenced to seven years in prison for hacking into the ports of Rotterdam and Antwerp, two of Europe's busiest ports. The Amsterdam Court of Appeal found him guilty of multiple offenses, including computer hacking and attempted extortion. His actions raised significant concerns about the security of critical infrastructure, as port operations are vital for trade and logistics. The case serves as a stark reminder of the potential risks posed by cybercriminals to essential services and the economy. Authorities hope this sentence will deter similar attacks in the future.

Read Original
Actively Exploited

APT28, a hacking group believed to be linked to Russia, has been actively targeting energy and defense organizations associated with NATO for the past year. Their primary focus has been on credential harvesting, which involves stealing usernames and passwords to gain unauthorized access to sensitive systems. This group's activities are concerning as they threaten critical infrastructure and national security, particularly in the context of ongoing geopolitical tensions. Companies in the energy and defense sectors should remain vigilant and enhance their security measures to protect against these sophisticated attacks. The sustained campaign by APT28 indicates a persistent risk that organizations must address to safeguard their data and operations.

Read Original
Actively Exploited

In August 2025, the University of Hawaii's Cancer Center experienced a ransomware attack that compromised sensitive data belonging to study participants. The breach included historical documents dating back to the 1990s, which contained Social Security numbers. This incident raises significant concerns about the protection of personal information in medical research, particularly as the stolen data can be used for identity theft and fraud. The university is now facing the challenge of addressing the fallout from this breach, including notifying affected individuals and enhancing their cybersecurity measures to prevent future incidents. As healthcare institutions increasingly rely on digital systems, the need for robust data protection strategies has never been more critical.

Read Original

APT28, a Russian cyber espionage group, has been observed targeting entities involved in energy research and defense collaboration. The group has employed tactics that involve impersonating well-known webmail and VPN services, including Microsoft OWA, Google, and Sophos VPN portals, to deceive users into revealing sensitive information. This attack is significant as it aims to infiltrate organizations that play a critical role in energy security and defense, potentially leading to the theft of valuable research and intelligence. The ongoing nature of these attacks poses a serious risk to national security and the integrity of the affected sectors, highlighting the need for organizations to enhance their cybersecurity measures. Users should be cautious and verify the authenticity of services before entering any sensitive information.

Read Original
PreviousPage 49 of 61Next